That happened one time, and it was caught before it was deployed to 99% of the people using Linux (assuming you're talking about the SSH hack, which was likely State sponsored).
Thankfully the spyware on windows is state sponsored and its also preinstalled 👍. You dont have to worry about cybersecurity because you are always compromised anyway.
Yeah, in the case of Windows tracking it is literally sponsored by the government, in the sense that they take our tax dollars, and hand them to Microsoft in exchange for all the data they steal.
Python, npm, and others are seeing huge spikes in typosquatting with malware
Supply chain attacks are also continuing to rise which takes away everyone’s naive approach to trusting whatever comes along on the premise of “name brands”
There’s no such thing as greener grass. It is always just a different shade. We are long past simplistic systems, and continue to grow in complexity which means an increasing attack surface and a necessity for continuing education/research.
Never trust, always verify. Windows is a heaping dumpster fire 80% of the time but I’m not going to pretend that Linux magically fixes everything and is infallible or somehow just “better”. There’s a reason many people don’t switch to Linux and that’s in the simplicity of using windows (mac, even). Linux, to some extent, requires a technical mindset, especially when it comes down to analyzing push/pull history for every package that gets installed/updated.
Not to mention the bullshit that comes with the (go figure) most common and user-friendly Linux distro - Ubuntu.
I can read a repo list. I can't see what windows is doing. It's an entire operating system that has spyware rooted into every nook and cranny of it. Now it takes screenshots of everything you do by default.